Spill - Privacy Policy

Your Privacy Matters

Spill is an anonymous messaging platform. We never reveal the identity of message senders. We collect only the minimum data necessary to deliver messages and provide sender hints to recipients. We do not sell or share your data with third parties.

1. Introduction

This Privacy Policy explains how Spill ("the App", "we", "us", or "our") collects, uses, and protects your information. Spill enables users to receive anonymous messages via a shareable link. We are committed to protecting your privacy and being transparent about our practices.

2. Information We Collect

2.1 Account Information (Message Recipients)

When you create an account in the Spill app, we collect:

Username: Your chosen public username for your Spill link
Anonymous Auth ID: A randomly generated identifier — no email, phone, or real name required
Push Notification Token: To notify you of new messages (with your permission)

2.2 Message Data

When someone sends you a message through your Spill link, we store:

Message content: The text of the anonymous message (max 200 characters)
Timestamp: When the message was sent

2.3 Sender Metadata (Sender Hints)

To power the Sender Hints feature (available to PRO users), we collect the following metadata from message senders:

Data	Purpose	Visibility
IP Address	Approximate location, network info, and sender blocking	Internal only
Device Type	Sender hint (e.g., iPhone, Samsung)	PRO users
Approximate Location	City and country derived from IP	PRO users
Network / ISP	Carrier or internet provider name	PRO users
Referral Source	Which platform the sender came from (e.g., Instagram, TikTok)	PRO users

Important: Sender Anonymity

Sender hints provide approximate, non-identifying information only. We never reveal a sender's name, email, phone number, or social media account. IP addresses are used internally for blocking and geolocation but are never shown to message recipients.

2.4 Information We Do NOT Collect

Real names or email addresses
Phone numbers
Social media account details
Photos, contacts, or files from your device
Precise GPS location
Browsing history
Advertising identifiers

3. How We Use Your Information

Deliver messages: Route anonymous messages to the correct recipient
Sender hints: Provide device, location, network, and source hints to PRO users
Push notifications: Notify you when new messages arrive
Content moderation: Filter hate speech and harmful content in 7 languages
Sender blocking: Allow recipients to block abusive senders by IP
Abuse prevention: Process reports and enforce community safety

4. Data Storage and Security

4.1 Where Your Data Is Stored

Your data is stored on Supabase cloud servers with the following security measures:

Data encrypted in transit (TLS/SSL)
Data encrypted at rest
Row-level security policies ensuring users can only access their own data
Server infrastructure hosted in secure data centers

4.2 Local Storage

The app stores minimal data locally on your device:

Session token: To keep you logged in
Cached user profile: For offline access
Cached messages: Messages are cached locally for offline access and remain on your device even after server deletion
App preferences: Language settings

5. Third-Party Services

Spill integrates with the following third-party services:

Service	Purpose	Data Shared
Supabase	Database, authentication, edge functions	Account data, messages, sender metadata
RevenueCat	In-app purchase management	Anonymous user ID, purchase status
Expo Push Notifications	Deliver push notifications	Push token, notification content
ip-api.com	IP geolocation lookup for sender hints	Sender IP address
Apple App Store	Payment processing	None by us (Apple handles)

We do NOT use any advertising networks, behavioral tracking, or analytics services.

6. Permissions We Request

Permission	Purpose	Required
Push Notifications	Notify you when new anonymous messages arrive	Optional
Clipboard (read)	Copy your Spill link for sharing	Optional

Spill does NOT request access to your camera, microphone, contacts, location, or photos.

7. Content Moderation

To maintain a safe environment, Spill employs:

Automated content filtering: Messages containing hate speech, threats, or harmful content in 7 languages (English, Korean, Japanese, Chinese, German, French, Spanish) are automatically blocked
User reporting: Recipients can report inappropriate messages
Sender blocking: Recipients can block senders — blocked senders receive a fake "success" response so they do not know they have been blocked

8. In-App Purchases

Spill PRO is available as a one-time lifetime purchase:

Purchases are processed by Apple and managed through RevenueCat
We do NOT receive your payment information or Apple ID
RevenueCat receives only an anonymous user identifier and purchase status
You can restore purchases on any device using the same Apple ID

9. Data Retention

Messages (server): Automatically deleted after 30 days
Messages (local): Cached on your device until you manually delete them or uninstall the app
Account data: Stored until you uninstall the app (anonymous accounts are not recoverable)
Sender metadata: Stored alongside messages for the same duration
Block list: Maintained as long as your account exists
Reports: Retained for safety review purposes

Uninstalling the app removes your local session and cached data. Since accounts are anonymous, server-side data associated with orphaned accounts may be periodically purged.

10. Children's Privacy

Spill is not intended for children under 13 years of age. We do not knowingly collect information from children. Since accounts are anonymous and do not require personal information, there is minimal risk of children's personal data being collected.

If you believe a child is using the app inappropriately, please contact us.

11. Your Rights and Controls

11.1 Access Your Data

View all your received messages within the app
View sender hints (PRO) within the app

11.2 Delete Your Data

Delete individual messages or all messages within the app
Uninstall the app to remove your local session and cached data
Contact us to request server-side data deletion

11.3 Manage Permissions

Go to iOS Settings > Spill to manage push notification permissions

11.4 Block and Report

Block any sender with one tap
Report messages as spam or harassment

12. International Users

Spill is available worldwide in 7 languages. Your data may be processed in the region where our server infrastructure is located. By using Spill, you consent to this transfer. We comply with applicable data protection laws including GDPR for EU users.

EU users have additional rights including data portability, right to erasure, and right to object to processing. Contact us to exercise these rights.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by:

Updating the "Last Updated" date at the top
Posting the new policy at this URL

Continued use of the App after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy, your data, or wish to request data deletion:

Email: prizm_kr@hotmail.com

Support: Available through App Store or email

Privacy Summary

Do we require personal info to sign up?	No — fully anonymous
Do we reveal sender identity?	Never
Do we show ads?	No
Do we use analytics or tracking?	No
Do we sell your data?	No
Do we share data with third parties?	Only service providers listed above
Can senders be blocked?	Yes, with one tap
Is harmful content filtered?	Yes, in 7 languages
How long are messages stored on server?	30 days, then auto-deleted
Can you delete your data?	Yes — in-app, uninstall, or contact us